To achieve the most comprehensive protection possible against potential attacks in SAP environments (and deal with those that do occur), encryption mechanisms and up-to-date cryptography libraries are required using TLS.
Despite the increasing use of web interfaces in the context of S/4HANA, batch processing is still required for mass data. However, our experience in customer projects has shown that very few administrators know how manage authorizations properly in such scenarios. SAP OSS Note 101146 offers a good overview in this regard. In this blog post, we want to provide a condensed explanation of how the practical aspects interrelate.